Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

< jaybonci> actually d-i stands for "divine intervention" ;) -- in #debian-devel


devel / alt.msdos.batch / Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes

SubjectAuthor
* Random changing of C: Windows Fonts script for anti-fingerprinting purposesmike
+* Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposesNewyana2
|+* Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposesmike
||`* Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposesNewyana2
|| `* Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposesmike
||  `* Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposesNewyana2
||   `- Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposesmike
|`* Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposesFrank Slootweg
| `- Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposesNewyana2
`* Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposesVanguardLH
 `* Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposesmike
  `* Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposesVanguardLH
   `* Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposesmike
    +* Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposesKen Blake
    |`- Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposesmike
    `* Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposesVanguardLH
     `- Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposesmike

1
Random changing of C: Windows Fonts script for anti-fingerprinting purposes

<tv9pdf$2bdv7$1@solani.org>

 copy mid

https://www.novabbs.com/devel/article-flat.php?id=341&group=alt.msdos.batch#341

 copy link   Newsgroups: alt.comp.os.windows-10 alt.msdos.batch
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!reader5.news.weretis.net!news.solani.org!.POSTED!not-for-mail
From: thi...@address.is.invalid (mike)
Newsgroups: alt.comp.os.windows-10,alt.msdos.batch
Subject: Random changing of C: Windows Fonts script for anti-fingerprinting purposes
Date: Mon, 20 Mar 2023 19:39:02 +0530
Message-ID: <tv9pdf$2bdv7$1@solani.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Mon, 20 Mar 2023 14:08:48 -0000 (UTC)
Injection-Info: solani.org;
logging-data="2471911"; mail-complaints-to="abuse@news.solani.org"
User-Agent: Unison/2.1.10
Cancel-Lock: sha1:7EqrFhZl7/tYtFH1t0xaOg7Rq6k=
X-User-ID: eJwNy8ERACEIBLCW8GQXLAcE+i/hfGeCzcVrSlAxmL4DOuqKRrhazM4W2jn+iON0OZmlvTLtBfusuiOXCor5A3aAFps=
 by: mike - Mon, 20 Mar 2023 14:09 UTC

I recently was advised that browser fingerprinting can be done using (among
many other metrics) your C:WindowsFonts such that, for example, you can try
to use different browsers but your fonts will be exactly the same for all.
https://webbrowsertools.com/font-fingerprint/

The complexity of the FONT fingerprinting methods are partially in the
specific set of fonts that any one user has accrued up to this moment.
https://browserleaks.com/fonts

Realizing there are many fingerprinting metrics and related addons, the
goal of this topic is to focus only on randomizing with a batch script.
https://www.iptest.club/

It's understood most "how to protect yourself" articles advise the use of
myriad fake-font add ons or disabling javascript, but if you have multiple
browsers and if you want them to work on the Internet, they're cumbersome.

It's also understood VPNs, proxies, onion browsers, VMs and the like have
their place, but this question does not ask for TLA-hardened anonymity
but, instead, simply for a simple Windows randomized batch file method that
the user himself can maintain (assuming it works w/o additional tools).

It's also understood fonts come in many formats and sizes so the article
below says to stick with *.ttf files and to get all the sizes for each.

Reading this protection article gave me an idea of perhaps "randomizing"
the fonts that are to be found in C:\Windows\Fonts on a frequent basis.
https://www.iptest.club/blog/fingerprinting/font-fingerprinting-protect/

Rather than install visual basic, the simple idea I had is to first "hide"
the fonts that will be used to randomize and then to set the fonts to the
default set (whatever that might be) at an initial Windows installation.

While there is (supposedly) a set of "original Windows 10 fonts" extent
https://www.auslogics.com/en/articles/how-to-restore-default-fonts-in-windows-10/

I suspect, in reality, there is no one set of "original default fonts" but,
luckily, the randomization can probably still be successful with or without
a 'clean' starting point (as it can likely use any starting point).

Assuming the starting point is whatever fonts each of us currently have,
and then assuming we want a script to randomly add and subtract randomly
another random set of fonts (which may need to be stored in an obfuscated
format, perhaps a zip file), how would you approach the randomizing script?

I'm thinking of a potential process of something like this:
1| Assume the current C:\Windows\Fonts will always exist
2| Collect a set of a few score additional fonts (I'm not sure how though)
3| Zip that collected set (if it's necessary to obfuscate them)
4| Randomly unzip the folder & copy a random subset to C:\Windows\Fonts
5| REMEMBER what was copied during that copy! (It's needed next.)
6| Upon the next random time point, undo that copy & do another random copy

What do you think of that simple randomization process?

Do you have a better idea than the visual basic method proposed here?
https://www.iptest.club/blog/fingerprinting/font-fingerprinting-protect/

Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes

<tva7n6$1gk6c$1@paganini.bofh.team>

 copy mid

https://www.novabbs.com/devel/article-flat.php?id=342&group=alt.msdos.batch#342

 copy link   Newsgroups: alt.comp.os.windows-10 alt.msdos.batch
Path: i2pn2.org!i2pn.org!paganini.bofh.team!not-for-mail
From: Newya...@invalid.nospam (Newyana2)
Newsgroups: alt.comp.os.windows-10,alt.msdos.batch
Subject: Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes
Date: Mon, 20 Mar 2023 14:12:29 -0400
Organization: To protect and to server
Lines: 18
Message-ID: <tva7n6$1gk6c$1@paganini.bofh.team>
References: <tv9pdf$2bdv7$1@solani.org>
Injection-Date: Mon, 20 Mar 2023 18:12:54 -0000 (UTC)
Injection-Info: paganini.bofh.team; logging-data="1593548"; posting-host="YqKngTRkOayeCX1S/e7lbw.user.paganini.bofh.team"; mail-complaints-to="usenet@bofh.team"; posting-account="9dIQLXBM7WM9KzA+yjdR4A";
Cancel-Lock: sha256:hbM7T0BNGi6T8KD6zPj3uRA62RblV6MB4zBvD//HhjM=
X-MSMail-Priority: Normal
X-Notice: Filtered by postfilter v. 0.9.3
X-Priority: 3
X-Newsreader: Microsoft Outlook Express 6.00.2900.5512
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5512
 by: Newyana2 - Mon, 20 Mar 2023 18:12 UTC

"mike" <this@address.is.invalid> wrote

| Do you have a better idea than the visual basic method proposed here?
| https://www.iptest.club/blog/fingerprinting/font-fingerprinting-protect/
|

I use a combination of HOSTS file and NoScript. So very
few sites have script enabled in my browser. And most of
the spwyware domains are blocked altogether. If you're
going to let the likes of Google access your system, especially
with script enabled, then they already know everywhere you're
going and what you're doing. Randomizing fonts is then like
locking your side window while the front wall of your house is
missing. People come up with this kind of nonsense
because they want to pretend they can have privacy and
convenience with no mitigation of either. That won't work.

Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes

<tva8me$28o79$1@solani.org>

 copy mid

https://www.novabbs.com/devel/article-flat.php?id=343&group=alt.msdos.batch#343

 copy link   Newsgroups: alt.comp.os.windows-10 alt.msdos.batch
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!reader5.news.weretis.net!news.solani.org!.POSTED!not-for-mail
From: thi...@address.is.invalid (mike)
Newsgroups: alt.comp.os.windows-10,alt.msdos.batch
Subject: Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes
Date: Mon, 20 Mar 2023 23:59:50 +0530
Message-ID: <tva8me$28o79$1@solani.org>
References: <tv9pdf$2bdv7$1@solani.org> <tva7n6$1gk6c$1@paganini.bofh.team>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Mon, 20 Mar 2023 18:29:35 -0000 (UTC)
Injection-Info: solani.org;
logging-data="2384105"; mail-complaints-to="abuse@news.solani.org"
User-Agent: Unison/2.1.10
Cancel-Lock: sha1:Rs6qjytzdvzeTe0KtaWhlzcLOBI=
X-User-ID: eJwFwQERADEIAzBL7Es7kMPB8C/hE0JHfV2Uc7mmd4XTPUUsagd+2REnP2aU7brPSxu16pVyTOWwGBHVP1T9FZo=
 by: mike - Mon, 20 Mar 2023 18:29 UTC

On 20-03-2023 23:42 Newyana2 <Newyana2@invalid.nospam> wrote:

>| Do you have a better idea than the visual basic method proposed here?
>| https://www.iptest.club/blog/fingerprinting/font-fingerprinting-protect/
>|
>
> I use a combination of HOSTS file and NoScript. So very
> few sites have script enabled in my browser. And most of
> the spwyware domains are blocked altogether. If you're
> going to let the likes of Google access your system, especially
> with script enabled, then they already know everywhere you're
> going and what you're doing. Randomizing fonts is then like
> locking your side window while the front wall of your house is
> missing. People come up with this kind of nonsense
> because they want to pretend they can have privacy and
> convenience with no mitigation of either. That won't work.

That doesn't deal with fonts though...

I know many of those methods too but let's try to keep this to fonts
as once you turn off javascript (as you know - which is why you don't
just use the hosts file alone) everything breaks.
# https://raw.gitbugusercontent.com/StevenBlack/hosts/master/hosts
# https://winhelp2002.mvps.org/hosts.txt
# https://github.com/Ultimate-Hosts-Blacklist/Ultimate.Hosts.Blacklist
# https://pgl.yoyo.org/adservers/
# https://github.com/AdguardTeam/AdguardSDNSFilter
# https://raw.githubusercontent.com/AdguardTeam/FiltersRegistry/master/filters/filter_15_DnsFilter/filter.txt

Worse, any solution that only works in one browser is NOT a solution.
Worse than that, any solution that has to be ported to multiple browsers is
not a solution - so let's not go down the rathole of all the plugins.

The request here, since I never wrote any code in my life, is to ask
participants who have written code to look at the visual basic stuff here.
https://www.iptest.club/blog/fingerprinting/font-fingerprinting-protect/
To tell me whether it sounds reasonably viable, but I don't really want
to install visual basic when a small batch command script might do.

It seems simpler than adding visual basic if I can understand the steps.
1| Create a directory of fonts to be randomly added to the Windows fonts
2| Randomly add a random subset of those extra fonts to the Windows fonts
3| Remove them and then randomly add a different random font set

Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes

<tvahnd.c7o.1@ID-201911.user.individual.net>

 copy mid

https://www.novabbs.com/devel/article-flat.php?id=344&group=alt.msdos.batch#344

 copy link   Newsgroups: alt.comp.os.windows-10 alt.msdos.batch
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!lilly.ping.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: thi...@ddress.is.invalid (Frank Slootweg)
Newsgroups: alt.comp.os.windows-10,alt.msdos.batch
Subject: Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes
Date: 20 Mar 2023 20:03:48 GMT
Organization: NOYB
Lines: 13
Message-ID: <tvahnd.c7o.1@ID-201911.user.individual.net>
References: <tv9pdf$2bdv7$1@solani.org> <tva7n6$1gk6c$1@paganini.bofh.team>
X-Trace: individual.net b+uJUZiIk3ZirpNA48BLOAhUV3u9g+1BkfF1w8/VqyHgfcy9Lt
X-Orig-Path: not-for-mail
Cancel-Lock: sha1:YpAeNwHLkAxmpfOXMIrzBDGJhJ8=
User-Agent: tin/1.6.2-20030910 ("Pabbay") (UNIX) (CYGWIN_NT-10.0-WOW/2.8.0(0.309/5/3) (i686)) Hamster/2.0.2.2
 by: Frank Slootweg - Mon, 20 Mar 2023 20:03 UTC

Newyana2 <Newyana2@invalid.nospam> wrote:
[...]
> If you're
> going to let the likes of Google access your system, especially
> with script enabled, then they already know everywhere you're
> going and what you're doing.

[...]

You've probably see it before, but just in case you haven't, I'm sure
you'll appreciate this one:

<https://www.kuvaton.com/kuvei/at_the_google_store.gif>

Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes

<tvb0ii$1nn6e$1@paganini.bofh.team>

 copy mid

https://www.novabbs.com/devel/article-flat.php?id=345&group=alt.msdos.batch#345

 copy link   Newsgroups: alt.comp.os.windows-10 alt.msdos.batch
Path: i2pn2.org!i2pn.org!paganini.bofh.team!not-for-mail
From: Newya...@invalid.nospam (Newyana2)
Newsgroups: alt.comp.os.windows-10,alt.msdos.batch
Subject: Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes
Date: Mon, 20 Mar 2023 21:16:40 -0400
Organization: To protect and to server
Lines: 36
Message-ID: <tvb0ii$1nn6e$1@paganini.bofh.team>
References: <tv9pdf$2bdv7$1@solani.org> <tva7n6$1gk6c$1@paganini.bofh.team> <tva8me$28o79$1@solani.org>
Injection-Date: Tue, 21 Mar 2023 01:17:06 -0000 (UTC)
Injection-Info: paganini.bofh.team; logging-data="1825998"; posting-host="YqKngTRkOayeCX1S/e7lbw.user.paganini.bofh.team"; mail-complaints-to="usenet@bofh.team"; posting-account="9dIQLXBM7WM9KzA+yjdR4A";
Cancel-Lock: sha256:3gq4dewCA3ggbNRR3Tp+IF9sbkUEiIJaAx4zk5Rxa5o=
X-Newsreader: Microsoft Outlook Express 6.00.2900.5512
X-Notice: Filtered by postfilter v. 0.9.3
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5512
X-MSMail-Priority: Normal
X-Priority: 3
 by: Newyana2 - Tue, 21 Mar 2023 01:16 UTC

"mike" <this@address.is.invalid> wrote

| That doesn't deal with fonts though...

You don't understand. Enumerating your fonts requires
enabling javascript, and it's only done by companies
trying to track you. If you block those companies and limit
script, then no one's enumerating your fonts.

Take a look at the source code of a few commercial
websites. At most you'll find code calling out to google
fonts, maps, jquery, google analytics, google
tag manage, doubleclick, facebook, and so on. If
you don't block access to those domains in a HOSTS
file then they're tracking you everywhere you go. If
you're going to use Google, gmail, maps, etc and you
need to enable script, then they will track you.
Enumerating you fonts won't be necessary. Your browser
will call them everywhere you go. Even if you manage
to hide your IP, they'll be tracking you.

Many things will break if you disable javascript, but if
you use NoScript then you can enable only what's
absolutely necessary. It's up to you, but you're
fooling yourself if you think a font mixer-upper is
going to make a difference.

I disable javascript for both privacy and security. It
simply isn't safe. In terms of privacy, I've seen virtually
no ads in decades, with a HOSTS file of about 300
entries. It works quite well, because the ads and
trackers are a very small number of entities. So why
would anyone NOT use a HOSTS file for things like google
analytics and doubleclick?

Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes

<tvb0od$1nnsg$1@paganini.bofh.team>

 copy mid

https://www.novabbs.com/devel/article-flat.php?id=346&group=alt.msdos.batch#346

 copy link   Newsgroups: alt.comp.os.windows-10 alt.msdos.batch
Path: i2pn2.org!i2pn.org!paganini.bofh.team!not-for-mail
From: Newya...@invalid.nospam (Newyana2)
Newsgroups: alt.comp.os.windows-10,alt.msdos.batch
Subject: Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes
Date: Mon, 20 Mar 2023 21:19:48 -0400
Organization: To protect and to server
Lines: 10
Message-ID: <tvb0od$1nnsg$1@paganini.bofh.team>
References: <tv9pdf$2bdv7$1@solani.org> <tva7n6$1gk6c$1@paganini.bofh.team> <tvahnd.c7o.1@ID-201911.user.individual.net>
Injection-Date: Tue, 21 Mar 2023 01:20:14 -0000 (UTC)
Injection-Info: paganini.bofh.team; logging-data="1826704"; posting-host="YqKngTRkOayeCX1S/e7lbw.user.paganini.bofh.team"; mail-complaints-to="usenet@bofh.team"; posting-account="9dIQLXBM7WM9KzA+yjdR4A";
Cancel-Lock: sha256:M+Z0OvyJPhwKWciEcNF24bSH8PtFIDoYmSWtnoQmmiw=
X-Newsreader: Microsoft Outlook Express 6.00.2900.5512
X-Priority: 3
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5512
X-MSMail-Priority: Normal
X-Notice: Filtered by postfilter v. 0.9.3
 by: Newyana2 - Tue, 21 Mar 2023 01:19 UTC

"Frank Slootweg" <this@ddress.is.invalid> wrote

| <https://www.kuvaton.com/kuvei/at_the_google_store.gif>

:) Except no one says, "What just happened?" Most
people are thrilled by the convenience. Just ask all
those gmail users and Waze drivers. Why think when
Google will do it for you, for free?!

Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes

<tvbi4g$2cbdb$1@solani.org>

 copy mid

https://www.novabbs.com/devel/article-flat.php?id=347&group=alt.msdos.batch#347

 copy link   Newsgroups: alt.comp.os.windows-10 alt.msdos.batch
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!reader5.news.weretis.net!news.solani.org!.POSTED!not-for-mail
From: thi...@address.is.invalid (mike)
Newsgroups: alt.comp.os.windows-10,alt.msdos.batch
Subject: Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes
Date: Tue, 21 Mar 2023 11:47:04 +0530
Message-ID: <tvbi4g$2cbdb$1@solani.org>
References: <tv9pdf$2bdv7$1@solani.org> <tva7n6$1gk6c$1@paganini.bofh.team> <tva8me$28o79$1@solani.org> <tvb0ii$1nn6e$1@paganini.bofh.team>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Tue, 21 Mar 2023 06:16:49 -0000 (UTC)
Injection-Info: solani.org;
logging-data="2502059"; mail-complaints-to="abuse@news.solani.org"
User-Agent: Unison/2.1.10
Cancel-Lock: sha1:HdcV1lEdwzdQo2+kHJTW8s9NdVs=
X-User-ID: eJwFwYERACEIA7CVvlILjGM53X+ET3YImqS2uN9+UJQ75gHfmBlMURa8YE3f6Iiq+x17JlcRwknaXG3eHzCCFMg=
 by: mike - Tue, 21 Mar 2023 06:17 UTC

On 21-03-2023 03:16 Newyana2 <Newyana2@invalid.nospam> wrote:

>| That doesn't deal with fonts though...
>
> You don't understand.

I know you're trying to "educate me", but I'm not asking to be educated
on the philosphy of privacy which I already know quite a bit about.

What I do not know how to do is write scripts.

To get back to that question, what I've done is open a new thread that
simply asks the question in a way that removes the philosophical aspect.

If I wanted to discuss the philosophy of privacy, I'd have cross posted to
alt.privacy instead of to a windows and batch newsgroup, wouldn't I have?

> Enumerating your fonts requires
> enabling javascript, and it's only done by companies
> trying to track you.

The question being posed is not a philosophical question but a tactical one.

It is the technical question of how to randomize a directory of "stuff"
(which happen to be Windows fonts).

Javascript plays no active role in the solution component of the question.

> If you block those companies and limit
> script, then no one's enumerating your fonts.

I know you're trying to help - and I don't want to be argumentative
but to say I don't understand doesn't help solve the problem set,
because I do understand that cutting off my nose to spite my face isn't
a solution.

Turning off javascript breaks the Internet (colloquially speaking).
And it does nothing to answer the question of how to randomize the fonts.

> Take a look at the source code of a few commercial websites.

Much as all of us would like the solution of just not using web browsers,
unfortunately, turning off javascript is no better (in terms of a "solution"
to the font question) than is deleting all browsers and never using them again.

The solution of randomizing the fonts applies to randomizing any directory
of "stuff" so it's a different problem set than the topic of privacy.

> At most you'll find code calling out to google
> fonts, maps, jquery, google analytics, google
> tag manage, doubleclick, facebook, and so on.

It's two different approaches with completely different pros & cons:
1. Turn off all browsers (then you don't have the problem, so there! :)
2. Randomize your fonts (then you don't have the problem, so there! :)

> If you don't block access to those domains in a HOSTS
> file then they're tracking you everywhere you go.

The hosts is completely unrelated to the problem set of randomizing
the fonts, but I already said in my previous response that, of course
I'm well aware of the value of the hosts file.

Like you most likely, I have a hosts file that blocks "things",
where my hosts file is something like 50K lines long being essentially
a concatenation of the major list that I previously supplied such as
MVP hosts just to name one &

Some day I'll explore acrylic dns, but not now as that's a different
approach altogether just to add regular expressions to the hosts domains.

> If you're going to use Google, gmail, maps, etc

I use DDG so I don't use Google search (except within a proxy such as Opera),
and I don't use Gmail (I use Thunderbird, assuming you meant the MUA),
and I don't use Gooogle maps (except within a proxy such as Epic).

But none of that applies to the question of how to randomize fonts.

Most of the time I'm using VPN and/or a proxy/onion browser (such as TBB)
but that doesn't matter because it's unrelated to the question I asked.

The question is how to randomize a directory of "stuff" (which happen to be fonts).

> and you need to enable script, then they will track you.

I tried very hard, in the first post, to say that the question is not
a philosophical question about privacy, for which you and I could wax
eloquently on almost forever, as I know quite a bit about privacy myself.

But, I'm trying to solve a simple Windows scripting problem, which if I
didn't say why, then all this wasted energy about hosts file and javascript
wouldn't have come up.

What if I asked for a method to randomize a directory of mere "objects"
instead of fonts? Would the problem that I am posing be any different
to you in that situation?

> Enumerating you fonts won't be necessary.

The better solution is to not use any web browsers & then problem you
are trying to solve is solved.

But that still doesn't solve the programmatic technical question of how
to randomize a Windows directory of "stuff", which just happen to be fonts.

> Your browser will call them everywhere you go.

If the fonts are randomized, the browser will see the set of fonts as,
likely unique, but at least each visit (depending on the time frame
assigned to the randomization process) will be a different set of unique.

> Even if you manage to hide your IP, they'll be tracking you.

The philosophical question of what is the nature of evil is as solvable
in a Usenet thread as the problem set you are attempting to resolve here.

I realize you think I am not aware of the fundamental issues but if you
look more closely at the opening post, it was exactly the deflection
that you're causing (and I know you mean well) that I was trying to avoid.

I want to focus this thread on the technical question of how to randomize
a directory containing stuff, which, in this case, just happen to be fonts.

I already have a solution which you didn't look at which I asked people
who know how to write code to look at (I don't know how to write code myself).
https://www.iptest.club/blog/fingerprinting/font-fingerprinting-protect/

My approach to writing the code will likely be a combination of
1| Create an archive of fonts to be randomly added to the Windows fonts
2| Randomly add a random subset of archive fonts to the Windows fonts
3| Remove that set and then randomly add a different random font set

> Many things will break if you disable javascript, but if
> you use NoScript then you can enable only what's
> absolutely necessary.

I've been using TBB for more than two decades it seems.
Almost everything breaks.

> It's up to you, but you're
> fooling yourself if you think a font mixer-upper is
> going to make a difference.

I'm well aware more is needed than simply randomizing fonts.
But randomizing fonts is a fundamental step nonetheless.

I didn't want to go there, but to your point that more needs to be done,
I'm aware that randomizing the time zone, for example, is also necessary.

But I'm taking the approach one step at a time since randomizing the
time zone was solved with code found by searching on this newsgroup.

@echo off
setlocal EnableDelayedExpansion
:loop
set /a n=137*%random%/32768*3+1
for /f "tokens=*" %%i in ('tzutil /l^|more +%n%') do set a=%%i& goto :l1
:l1
echo.
echo.
echo setting time zone to: %a%
tzutil.exe /s "%a%"
:: wait 6-24h
set /a n=20864+(%random%*2)
set /a h=%n%/3600
set /a m=(n-(%h%*3600))/60
echo waiting %h% hours, %m% minutes
timeout %n%
goto :loop
exit 0

I don't know yet but I might insert a subroutine inside that
timzone randomization script to randomize the fonts but it's more
likely the font randomization will be separate from the time zone.

> I disable javascript for both privacy and security.

I use VPN, proxies, TOR, MVP Hosts, etc., also.
But breaking the Internet isn't going to be a viable solution for most people.

> It simply isn't safe. In terms of privacy, I've seen virtually
> no ads in decades, with a HOSTS file of about 300
> entries. It works quite well, because the ads and
> trackers are a very small number of entities. So why
> would anyone NOT use a HOSTS file for things like google
> analytics and doubleclick?

This thread is already borked so I will start a new thread asking
the question in a way that, I hope, won't devolve into a philosophical
discussion because I wish to focus on a solution to the stated question.

What is a working method on Windows to easily randomize a set of stuff?
(which happen to be fonts but which could be any collection of stuff)

Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes

<tvc50e$1rh9f$1@paganini.bofh.team>

 copy mid

https://www.novabbs.com/devel/article-flat.php?id=350&group=alt.msdos.batch#350

 copy link   Newsgroups: alt.comp.os.windows-10 alt.msdos.batch
Path: i2pn2.org!i2pn.org!paganini.bofh.team!not-for-mail
From: Newya...@invalid.nospam (Newyana2)
Newsgroups: alt.comp.os.windows-10,alt.msdos.batch
Subject: Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes
Date: Tue, 21 Mar 2023 07:38:29 -0400
Organization: To protect and to server
Lines: 12
Message-ID: <tvc50e$1rh9f$1@paganini.bofh.team>
References: <tv9pdf$2bdv7$1@solani.org> <tva7n6$1gk6c$1@paganini.bofh.team> <tva8me$28o79$1@solani.org> <tvb0ii$1nn6e$1@paganini.bofh.team> <tvbi4g$2cbdb$1@solani.org>
Injection-Date: Tue, 21 Mar 2023 11:38:55 -0000 (UTC)
Injection-Info: paganini.bofh.team; logging-data="1951023"; posting-host="YqKngTRkOayeCX1S/e7lbw.user.paganini.bofh.team"; mail-complaints-to="usenet@bofh.team"; posting-account="9dIQLXBM7WM9KzA+yjdR4A";
Cancel-Lock: sha256:l9prT4bK/AJR5+8ZqBuWUxCbxYNz/QSA6c0aiYnixag=
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5512
X-MSMail-Priority: Normal
X-Notice: Filtered by postfilter v. 0.9.3
X-Priority: 3
X-Newsreader: Microsoft Outlook Express 6.00.2900.5512
 by: Newyana2 - Tue, 21 Mar 2023 11:38 UTC

"mike" <this@address.is.invalid> wrote

|
| The question being posed is not a philosophical question but a tactical
one.
|

Exactly. Privacy is not philosophy. It's a practical
matter. You may want to randomize your fonts, but others
have a right to know it's not a useful thing to do.

Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes

<1f6numnfmrda8$.dlg@v.nguard.lh>

 copy mid

https://www.novabbs.com/devel/article-flat.php?id=351&group=alt.msdos.batch#351

 copy link   Newsgroups: alt.comp.os.windows-10 alt.msdos.batch
Path: i2pn2.org!i2pn.org!usenet.goja.nl.eu.org!2.eu.feeder.erje.net!feeder.erje.net!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: V...@nguard.LH (VanguardLH)
Newsgroups: alt.comp.os.windows-10,alt.msdos.batch
Subject: Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes
Date: Tue, 21 Mar 2023 18:38:53 -0500
Lines: 155
Message-ID: <1f6numnfmrda8$.dlg@v.nguard.lh>
References: <tv9pdf$2bdv7$1@solani.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Trace: individual.net rmxumcdeaBZo04or86hY+AcNCMHnH71FKBN2OMLoEoKg1e6SSv
Cancel-Lock: sha1:9JIKM90E54E29NHSYVQNLwzG/Sk=
User-Agent: 40tude_Dialog/2.0.15.41
 by: VanguardLH - Tue, 21 Mar 2023 23:38 UTC

mike <this@address.is.invalid> wrote:

> I recently was advised that browser fingerprinting can be done using (among
> many other metrics) your C:WindowsFonts such that, for example, you can try
> to use different browsers but your fonts will be exactly the same for all.
> https://webbrowsertools.com/font-fingerprint/
>
> The complexity of the FONT fingerprinting methods are partially in the
> specific set of fonts that any one user has accrued up to this moment.
> https://browserleaks.com/fonts

Easier for me to just configure my web browser, Firefox, to resist font
fingerprinting.

https://support.mozilla.org/mk/questions/1375011
See jscher2000's response.

In addition, there is the privacy.resistFingerprinting setting. In
Firefox's ETP (Enhanced Tracking Protection), both the Standard and
Strict levels incorporate anti-fingerprinting. Only if you use the
Custom level, and deselect Fingerprinting, is that protection disabled.
With it enabled, Javascript can query only for the base set of fonts
which everyone else has, so you're hiding in a crowd.

https://support.mozilla.org/en-US/kb/firefox-protection-against-fingerprinting

In addition, you can configure the privacy.resistFingerprinting setting
which was added 6 years ago in Firefox; see:

https://bugzilla.mozilla.org/show_bug.cgi?id=1345322

However, while privacy.resistFingerprinting prevents several
fingerprinting methods (time zone, resolution, vancas, webgl, etc), it
intentionally breaks other features, like breaking the
prefers-color-scheme CSS media query resulting in telling web sites you
want a light color scheme, changing to UTC time zone, and some sites
have legitimate use of canvas than for fingerprinting. For example:

https://necromuralist.github.io/posts/mozilla-madness-resist-fingerprinting/

With privacy.resistFingering = false, the tooltips when hovering over
the bars in the chart will appear. With privacy.resistFingerprinting =
true, the tooltips are absent.

Another test is to visit https://browserleaks.com/fonts with
privacy.resistFingerprinting at false and retest with true. For my
current Windows setup, I get:

resistFingerprinting = false
283 fonts, 240 metrics
resistFingerprinting = true
92 fonts, 81 metrics

With this setting at true (enabled), a lot less font info is available;
however, a lot of sites will break, and probably why the default setting
is false. It's a way to harden Firefox, but if hardened too much than
too many sites will break. It was primarily added to provide a setting
for the Tor variant of Firefox.

You can get an add-on for Firefox that makes easy toggling
privacy.resistFingerprinting beteen false and true rather than having to
manually edit the setting in about:config, like:

https://addons.mozilla.org/en-US/firefox/addon/toggle-resist-fingerprinting/

Personally I'd suggest deciding on which mode you want in settings, and
stick with that rather than repeatedly having to decide when to toggle,
and then remembering to toggle back. Some info on what the setting will
break is mentioned at:

https://wiki.mozilla.org/Security/Fingerprinting

amiunique.org checks on what info can be leaked from your web browser's
current setup, but doesn't really give you an overall score. Instead
visit https://coveryourtracks.eff.org/.

privacy.resistFingerprinting = false (default)
EFF score = 17.52 bits of identifying information
privacy.resistFingerprinting = true
EFF score = 17.52 bits

Same score regardless of setting's value. In particular, the System
Fonts count did not change. Firefox isn't reporting other fonts
regardless of privacy.resistFingerprinting's value. Sp, you end up
breaking some functions without much, if any, change to your fingerprint
score. Yet the score shown above using browserleaks.com, and also using
amiunique.org, illustrates other (non-system) fonts are visible: more
with privacy.resistFingerprinting = false, less with it set to true.

Fingerprinting by fonts is unreliable, so I don't bother trying to
secure Firefox against revealing fonts. privacy.resistFingerprinting
breaks too many web sites, especially those where it interferes with
sites I use a lot, like they use Canvas, and I'm not managing another
whitelist of sites for where privacy is lessened, and why I don't want
to bother repeated testing with an add-on to toggle the setting to see
which will make a site work, and remember to toggle again when I visit
elsewhere. If I wanted to add that setting, I'd use another instance of
Firefox, like Tor Browser.

I tested jscher2000's suggestion in the mozilla support forum (mentioned
first) of setting the other layout.css.font-visibility settings from 3
(system+optional+user-installed fonts) to 1 (system fonts only). My
setup, and the defaults, are:

layout.css.font-visibility.private 3
layout.css.font-visibility.resistFingerprinting 1
layout.css.font-visibility.standard 3
layout.css.font-visibility.trackingprotection 3

1 = system fonts only
2 = also fonts from optional language packs
3 = also user-installed fonts

Those values are used unless privacy.resistFingerprinting is enabled
(true) in which case those settings are overridden to become 1 (system
fonts only). With privacy.resistFingerprinting = false (default), I got
the follow font counts reported by EFF and amiunique:

EFF font count = 48
amiunique font count = 80
browserleaks font count = 283 (240 metrics)

With all the layout settings at 1 (system fonts only), I got:

EFF font count = 31
amiunique font count = 80
browserleaks font count = 92 fonts (81 metrics)

Despite EFF showing less fonts are discoverable when using 1 for all
layout.css.font-visibility.* settings, amiunique keeps reporting the
same count. So, I decided to add browserleaks.com/fonts to the above
results. These are the same measurements I showed before, but included
in this chart mostly to show amiunique is not reliable for measuring
fingerprinting.

So, you could use privacy.resistFingerprinting to force a reduction in
font visibility (to just system fonts) along with everything else it
cripples causing problems at many web sites, or you could edit the
layout.css.font-visibility.* setting to reduce font exposure without all
the other cripples (canvas, color, window size, etc).

Up to you if you want to employ some external method to reduce font
exposure, or use settings available within Firefox.

Chrome has never been as configurable as Firefox, so what you can do
inside of Chrome to reduce font visibility may require use of add-ons or
external methods. Have fun. I don't see this metric as providing a
reliable metric. You'll end up breaking a lot of sites that then you
have to mend with whitelists or overrides - after you figure out why a
site is misbehaving because of your setup.

Remember that if a site cannot get the metrics or resources it wants to
use, they don't have to provide with some, or any, or their content.
Their site, their content, their choice. You can choose what to allow
on your end, but that doesn't override their choices.

Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes

<tvdu41$2divu$1@solani.org>

 copy mid

https://www.novabbs.com/devel/article-flat.php?id=352&group=alt.msdos.batch#352

 copy link   Newsgroups: alt.comp.os.windows-10 alt.msdos.batch
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!reader5.news.weretis.net!news.solani.org!.POSTED!not-for-mail
From: thi...@address.is.invalid (mike)
Newsgroups: alt.comp.os.windows-10,alt.msdos.batch
Subject: Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes
Date: Wed, 22 Mar 2023 09:23:53 +0530
Message-ID: <tvdu41$2divu$1@solani.org>
References: <tv9pdf$2bdv7$1@solani.org> <1f6numnfmrda8$.dlg@v.nguard.lh>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Wed, 22 Mar 2023 03:53:38 -0000 (UTC)
Injection-Info: solani.org;
logging-data="2542590"; mail-complaints-to="abuse@news.solani.org"
User-Agent: Unison/2.1.10
Cancel-Lock: sha1:KjMURed87JmY74Ux7dxvMGrhTFU=
X-User-ID: eJwFwYkBwCAIA8CVypOA4xgr+4/gHYLGU0kwMZix1GW7cnVwyXZLIDzKfiUK3HaHKn552mO7Z6F7JPnEAztOFNo=
 by: mike - Wed, 22 Mar 2023 03:53 UTC

On 21-03-2023 23:38 VanguardLH <V@nguard.LH> wrote:

> Easier for me to just configure my web browser, Firefox, to resist font
> fingerprinting.

I have nothing against Firefox and that's a nice feature of Firefox.

But what good is a solution that only works with one browser?
And which likely breaks the Internet?

When you can come up with a solution that works with all browsers.
And which does not break the Internet.

Randomizing fonts works with all web browsers.
And it doesn't break the Internet.

Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes

<tvdul7$2dj6g$1@solani.org>

 copy mid

https://www.novabbs.com/devel/article-flat.php?id=354&group=alt.msdos.batch#354

 copy link   Newsgroups: alt.comp.os.windows-10 alt.msdos.batch
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!reader5.news.weretis.net!news.solani.org!.POSTED!not-for-mail
From: thi...@address.is.invalid (mike)
Newsgroups: alt.comp.os.windows-10,alt.msdos.batch
Subject: Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes
Date: Wed, 22 Mar 2023 09:33:02 +0530
Message-ID: <tvdul7$2dj6g$1@solani.org>
References: <tv9pdf$2bdv7$1@solani.org> <tva7n6$1gk6c$1@paganini.bofh.team> <tva8me$28o79$1@solani.org> <tvb0ii$1nn6e$1@paganini.bofh.team> <tvbi4g$2cbdb$1@solani.org> <tvc50e$1rh9f$1@paganini.bofh.team>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Wed, 22 Mar 2023 04:02:47 -0000 (UTC)
Injection-Info: solani.org;
logging-data="2542800"; mail-complaints-to="abuse@news.solani.org"
User-Agent: Unison/2.1.10
Cancel-Lock: sha1:zDbbfYaTMaYaOWsJyE1eH+4hdXM=
X-User-ID: eJwFwYEBwCAIA7CXRCjoOaWO/09YAk9LVSQyMBjaFzhzdTOagTfuG0tpxkeDwjZ3txerOaQUC124R6bSD1tAFgM=
 by: mike - Wed, 22 Mar 2023 04:03 UTC

On 21-03-2023 17:08 Newyana2 <Newyana2@invalid.nospam> wrote:

> Exactly. Privacy is not philosophy. It's a practical
> matter. You may want to randomize your fonts, but others
> have a right to know it's not a useful thing to do.

I think you understand privacy and you must understand that I do too.
I never said there was only one way to approach anti fingerprinting.

Each method has its pros and cons, where randomizing the fonts has a large
advantage that it doesn't break the Internet & it works for all browsers.

It should also be zero maintenance (or close to zero) over a span of years.

If I had never mentioned why I want to randomize the "stuff" in a
directory, the question would still be the same, privacy or not.

How can someone randomize stuff in a Windows directory anyway?
That's the question.

Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes

<xa0abyccj4v.dlg@v.nguard.lh>

 copy mid

https://www.novabbs.com/devel/article-flat.php?id=355&group=alt.msdos.batch#355

 copy link   Newsgroups: alt.comp.os.windows-10 alt.msdos.batch
Path: i2pn2.org!i2pn.org!eternal-september.org!feeder.eternal-september.org!news.mixmin.net!news2.arglkargh.de!news.karotte.org!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: V...@nguard.LH (VanguardLH)
Newsgroups: alt.comp.os.windows-10,alt.msdos.batch
Subject: Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes
Date: Tue, 21 Mar 2023 23:56:11 -0500
Lines: 59
Message-ID: <xa0abyccj4v.dlg@v.nguard.lh>
References: <tv9pdf$2bdv7$1@solani.org> <1f6numnfmrda8$.dlg@v.nguard.lh> <tvdu41$2divu$1@solani.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Trace: individual.net hUX4AHmu7wuIrx1N7Hl5KQmCFnv3yj1yqpYmo8TusK0RLIAXyu
Cancel-Lock: sha1:X6Olvz6xbrlQiiFR2aiCxYQ0pc4=
User-Agent: 40tude_Dialog/2.0.15.41
 by: VanguardLH - Wed, 22 Mar 2023 04:56 UTC

mike <this@address.is.invalid> wrote:

> On 21-03-2023 23:38 VanguardLH <V@nguard.LH> wrote:
>
>> Easier for me to just configure my web browser, Firefox, to resist font
>> fingerprinting.
>
> I have nothing against Firefox and that's a nice feature of Firefox.
>
> But what good is a solution that only works with one browser?
> And which likely breaks the Internet?
>
> When you can come up with a solution that works with all browsers.
> And which does not break the Internet.
>
> Randomizing fonts works with all web browsers.
> And it doesn't break the Internet.

Unless a developer testing their web site or web app on multiple web
browsers to ensure compatibility with all, what's the point of using
multiple web browsers? Do you really bounce between web browsers on
your own personal hosts? Firefox is my primary web browser.
Edge-Chromium is a backup. It is very rare that I am forced away from
using my primary web browser.

Regardless of how you might use a multitude of web browsers, how much
have you helped others with problems on their computers? If you had,
you would realize the norm is for users to focus on one web browser.

But, in the case of actually and actively employing multiple web
browsers, and doing so repeatedly, yes, there is an advantage of
deploying a solution that is globally effected on all web browser,
including all of those you never get around to using yourself as a
solution to everyone else using different web browsers than your
choices.

The fonts getting divulged for fingerprinting are those installed on
your computer. Well, you can randomize which fonts you have, or you
could pare down all those extra fonts down to the basic set that
Windows, or your choice of OS, comes pre-bundled. You're denying web
sites from falling back to your fonts other than some standard set that
everyone has and supposedly would reduce your fingerprint (but do users
really only have a basic set of fonts that never change?). What happens
to all your other programs installed on your computer?

You randomize the font set while you are web browsing. When web
browsing, you never ever run any other program? You never open an
editor, word processor, spreadsheet, or load ANY other program while you
have the web browser loaded? Well, randomizing the font set for the web
browser means you are doing the same for every other program you may
open at the same time. If concurrently opening multiple programs was
not a wanted feature, Windows nor any other OS would have to bother with
multi-tasking, running a dispatcher, assigning priority, or all the
other functions of a multi-tasking OS. Running a single program that is
always foregrounded with no opportunity to load any other program is not
how users use Windows, Linux, or any other OS. To do so would mean
having to cripple the OS back to single-process operation, like DOS.

Your solution impacts more than just the web browser.

Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes

<tvf9qt$2eain$1@solani.org>

 copy mid

https://www.novabbs.com/devel/article-flat.php?id=360&group=alt.msdos.batch#360

 copy link   Newsgroups: alt.comp.os.windows-10 alt.msdos.batch
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!reader5.news.weretis.net!news.solani.org!.POSTED!not-for-mail
From: thi...@address.is.invalid (mike)
Newsgroups: alt.comp.os.windows-10,alt.msdos.batch
Subject: Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes
Date: Wed, 22 Mar 2023 21:49:57 +0530
Message-ID: <tvf9qt$2eain$1@solani.org>
References: <tv9pdf$2bdv7$1@solani.org> <1f6numnfmrda8$.dlg@v.nguard.lh> <tvdu41$2divu$1@solani.org> <xa0abyccj4v.dlg@v.nguard.lh>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Wed, 22 Mar 2023 16:19:42 -0000 (UTC)
Injection-Info: solani.org;
logging-data="2566743"; mail-complaints-to="abuse@news.solani.org"
User-Agent: Unison/2.1.10
Cancel-Lock: sha1:y1bcnvUx2hebHB7CCL2TVdEFr7A=
X-User-ID: eJwNx8EBwEAEBMCWCJYrx9nov4RkfhMGxaQj4LGxDE5jn8tXfAeJFCu+J8xdhhp/VK29bpJsyNZhwTeyz3xr+hYF
 by: mike - Wed, 22 Mar 2023 16:19 UTC

On 22-03-2023 10:26 VanguardLH <V@nguard.LH> wrote:

> Unless a developer testing their web site or web app on multiple web
> browsers to ensure compatibility with all, what's the point of using
> multiple web browsers? Do you really bounce between web browsers on
> your own personal hosts? Firefox is my primary web browser.
> Edge-Chromium is a backup. It is very rare that I am forced away from
> using my primary web browser.
> Regardless of how you might use a multitude of web browsers, how much
> have you helped others with problems on their computers? If you had,
> you would realize the norm is for users to focus on one web browser.
>
> But, in the case of actually and actively employing multiple web
> browsers, and doing so repeatedly, yes, there is an advantage of
> deploying a solution that is globally effected on all web browser,
> including all of those you never get around to using yourself as a
> solution to everyone else using different web browsers than your
> choices.

You may be the only person on Windows who has only one browser installed.

> The fonts getting divulged for fingerprinting are those installed on
> your computer. Well, you can randomize which fonts you have, or you
> could pare down all those extra fonts down to the basic set that
> Windows, or your choice of OS, comes pre-bundled.

That's not as easy as you seem to think it is.
Each program you install can add its own fonts.

> You're denying web
> sites from falling back to your fonts other than some standard set that
> everyone has and supposedly would reduce your fingerprint (but do users
> really only have a basic set of fonts that never change?). What happens
> to all your other programs installed on your computer?

That comment indicates you don't understand how font fingerprinting works.
They tabulate ALL the fonts on your computer. Not just what you use.

> You randomize the font set while you are web browsing. When web
> browsing, you never ever run any other program? You never open an
> editor, word processor, spreadsheet, or load ANY other program while you
> have the web browser loaded? Well, randomizing the font set for the web
> browser means you are doing the same for every other program you may
> open at the same time. If concurrently opening multiple programs was
> not a wanted feature, Windows nor any other OS would have to bother with
> multi-tasking, running a dispatcher, assigning priority, or all the
> other functions of a multi-tasking OS. Running a single program that is
> always foregrounded with no opportunity to load any other program is not
> how users use Windows, Linux, or any other OS. To do so would mean
> having to cripple the OS back to single-process operation, like DOS.
>
> Your solution impacts more than just the web browser.

Run this program please. <https://amiunique.org/fp> and save the results
to text, and paste your results into the reply like I did and we can solve
the fingerprinting issues together using real world data of our own.

The way you normally approach fingerprinting usually is you start with the
worst entropy and when you fix that, you move down to the next worst
entropy, and so on, until you're no longer unique or nearly unique.

In the best case, you want to blend in with the crowd.
Here are my current AmIUnique.txt values using one Firefox browser.

As expected, many things are worse than fonts in terms of entropy.
But fonts aren't good either.

All I want is an easy way to randomize the contents of a Windows folder
using the native tools that come with every Windows 10/11 installation.

AmIUnique <https://amiunique.org/>

* //My fingerprint <https://amiunique.org/fp>
* //My history <https://amiunique.org/history>
* //My extension <#>//My timeline <https://amiunique.org/timeline>//My
fingerprint stability <https://amiunique.org/stability>
* //Global statistics <https://amiunique.org/stats>
* //FAQ <https://amiunique.org/faq>
* //Privacy policy <https://amiunique.org/privacy>
* //Privacy tools <https://amiunique.org/tools>
* //Links <https://amiunique.org/links>
* //Survey <https://amiunique.org/survey>
* //Jobs <https://amiunique.org/jobs>
* //About <https://amiunique.org/about>
//My fingerprint <https://amiunique.org/fp>
//My history <https://amiunique.org/history>
//My extension <#>//My timeline
<https://amiunique.org/timeline>//My fingerprint stability
<https://amiunique.org/stability>
//Global statistics <https://amiunique.org/stats>
//FAQ <https://amiunique.org/faq>
//Privacy policy <https://amiunique.org/privacy>
//Privacy tools <https://amiunique.org/tools>
//Links <https://amiunique.org/links>
//Survey <https://amiunique.org/survey>
//Jobs <https://amiunique.org/jobs>
//About <https://amiunique.org/about>

My browser fingerprint
Are you unique ?
Yes!
You are unique among the 1529201 fingerprints in our entire dataset.

The following informations reveal your OS, browser, browser version as
well as your timezone and preferred language.

Moreover, we show the proportion of users sharing the same elements.
Windows 47.49%
Firefox 38.17%
Firefox v109 1.11%
Timezone UTC+5.5 1.57%
Language en 77.89%

Similarity ratio duration :
7 days = no
15 days = no
30 days = no
90 days = no
All time = yes

//Download your fingerprint
<xxx>// Download our browser extension
<https://addons.mozilla.org/firefox/addon/amiunique/>

Search:
/HTTP headers attributes/
Attribute Similarity ratio //All time Value
User agent // 0.42% Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0)
Gecko/20100101 Firefox/109.0
Accept // 27.86%
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Content encoding // 95.73% gzip, deflate, br
Content language // 31.76% en-US,en;q=0.5
Upgrade Insecure Requests // 90.76% 1
Do Not Track // 28.50% 1
Referer // 0.71% https://amiunique.org/fp
If none match // Unique

Showing 1 to 8 of 8 entries
Search:
/Javascript attributes/
Attribute Similarity ratio //All time Value
User agent // 0.46% Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0)
Gecko/20100101 Firefox/109.0
Platform // 34.68% Win32
Cookies enabled // 86.73% yes
Timezone // 1.57% -330
Content language // 40.66% en-US,en
Canvas // 0.23%
List of fonts (JS) // <0.01% Arabic Transparent, Arial, Arial Baltic, Arial
Black, Arial CE and 129 others
Use of Adblock // 65.67% no
Do Not Track // 23.83% yes
Navigator properties // 0.22% 43 properties in navigator object
BuildID // 31.96% 20181001000000
Product // 87.55% Gecko
Product sub // 32.37% 20100101
Vendor // 32.75% No value
Vendor sub // 87.77% No value
Hardware concurrency // 23.88% 4
Java enabled // 87.43% false
Device memory // 39.67% No value
List of plugins // 34.62% Plugin 0: PDF Viewer; Portable Document Format;
internal-pdf-viewer. Plugin 1: Chrome PDF Viewer; Portable Document Format;
internal-pdf-viewer. Plugin 2: Chromium PDF Viewer; Portable Document
Format; internal-pdf-viewer. Plugin 3: Microsoft Edge PDF Viewer; Portable
Document Format; internal-pdf-viewer. Plugin 4: WebKit built-in PDF;
Portable Document Format; internal-pdf-viewer.
Screen width // 22.33% 1920
Screen height // 21.04% 1080
Screen depth // 79.05% 24
Screen available top // 78.37% 0
Screen available Left // <0.01% 1982
Screen available Height // 7.81% 1080
Screen available width // 0.11% 1858
Screen left // 0.49% 1920
Screen top // 32.16% 0
Permissions // 2.27% geolocation : denied
notifications : denied
persistent-storage : prompt
push : denied
WebGL Vendor // 8.30% Google Inc. (NVIDIA)
WebGL Renderer // 0.19% ANGLE (NVIDIA, NVIDIA GeForce GTX 480 Direct3D11
vs_5_0 ps_5_0)
WebGL Data // 2.31%
WebGL Parameters // 0.18% 26 different extensions
25 different general parameters analyzed
36 different shaders precisions analyzed
Use of local storage // 86.38% yes
Use of session storage // 86.46% yes
Use of IndexedDB // 87.20% yes
Audio formats // 16.36% No value
Audio context // 16.36% No value
Frequency analyser // 16.36% No value
Audio data // 16.36% No value
Video formats // 87.78% video/mp4; codecs="flac" : probably
video/ogg; codecs="theora" : probably
video/ogg; codecs="opus" : probably
video/webm; codecs="vp9, opus" : probably
video/webm; codecs="vp8, vorbis" : probably
Media devices // 5.29% Timeout
Accelerometer // 78.59% false
Gyroscope // 79.05% false
Proximity sensor // 79.05% false
Keyboard layout // 46.27% Not supported
Battery // 40.62% Not supported
Connection // 44.35% Not supported
key // 87.56% cookie
Location bar // 87.19% Visible
Menu bar // 87.22% Visible
Personal bar // 87.20% Visible
Status bar // 87.20% Visible
Tool bar // 87.20% Visible
Result state // 87.56% No value
List of fonts (Flash) // 87.45% Flash not detected
Screen resolution (Flash) // 87.45% Flash not detected
Language (Flash) // 87.45% Flash not detected
Platform (Flash) // 87.45% Flash not detected


Click here to read the complete article
Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes

<jubm1iha8cjr9r9qjmdq3bpvq8s1jt10bp@4ax.com>

 copy mid

https://www.novabbs.com/devel/article-flat.php?id=361&group=alt.msdos.batch#361

 copy link   Newsgroups: alt.comp.os.windows-10 alt.msdos.batch
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!newsreader4.netcologne.de!news.netcologne.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: Ken...@invalid.news.com (Ken Blake)
Newsgroups: alt.comp.os.windows-10,alt.msdos.batch
Subject: Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes
Date: Wed, 22 Mar 2023 09:51:06 -0700
Lines: 39
Message-ID: <jubm1iha8cjr9r9qjmdq3bpvq8s1jt10bp@4ax.com>
References: <tv9pdf$2bdv7$1@solani.org> <1f6numnfmrda8$.dlg@v.nguard.lh> <tvdu41$2divu$1@solani.org> <xa0abyccj4v.dlg@v.nguard.lh> <tvf9qt$2eain$1@solani.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
X-Trace: individual.net FEVtebZswMMzTErMtllQBQZ968O/C+Sf9iIZiepSPJcfxc0N8S
Cancel-Lock: sha1:/oU41dQMwjHGqbaQVTl9b+5c+tU=
X-Newsreader: Forte Agent 6.00/32.1186
 by: Ken Blake - Wed, 22 Mar 2023 16:51 UTC

On Wed, 22 Mar 2023 21:49:57 +0530, mike <this@address.is.invalid>
wrote:

>On 22-03-2023 10:26 VanguardLH <V@nguard.LH> wrote:
>
>> Unless a developer testing their web site or web app on multiple web
>> browsers to ensure compatibility with all, what's the point of using
>> multiple web browsers? Do you really bounce between web browsers on
>> your own personal hosts? Firefox is my primary web browser.
>> Edge-Chromium is a backup. It is very rare that I am forced away from
>> using my primary web browser.
>> Regardless of how you might use a multitude of web browsers, how much
>> have you helped others with problems on their computers? If you had,
>> you would realize the norm is for users to focus on one web browser.
>>
>> But, in the case of actually and actively employing multiple web
>> browsers, and doing so repeatedly, yes, there is an advantage of
>> deploying a solution that is globally effected on all web browser,
>> including all of those you never get around to using yourself as a
>> solution to everyone else using different web browsers than your
>> choices.
>
>You may be the only person on Windows who has only one browser installed.

I think the great majority of Windows users have only one browser
installed--the one that comes with Windows (Edge, or IE in older
versions). Most of them probably don't even know that there are other
browsers to choose from. My wife, for example, has only Edge
installed, and I know many other such people.

If you don't count Edge, which I only use when Firefox doesn't work on
a particular web page, I have only Firefox installed.

Thinking of all my friends and relatives who use Windows, as far as I
know, they all have only Edge installed. I know that there are those
on these newsgroups with more than one, but having more than one never
makes sense to me. I pick the one I like best and that's what I use
all the time (almost all the time). I don't want any others.

Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes

<tvfjng$2egh2$1@solani.org>

 copy mid

https://www.novabbs.com/devel/article-flat.php?id=362&group=alt.msdos.batch#362

 copy link   Newsgroups: alt.comp.os.windows-10 alt.msdos.batch
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!reader5.news.weretis.net!news.solani.org!.POSTED!not-for-mail
From: thi...@address.is.invalid (mike)
Newsgroups: alt.comp.os.windows-10,alt.msdos.batch
Subject: Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes
Date: Thu, 23 Mar 2023 00:38:48 +0530
Message-ID: <tvfjng$2egh2$1@solani.org>
References: <tv9pdf$2bdv7$1@solani.org> <1f6numnfmrda8$.dlg@v.nguard.lh> <tvdu41$2divu$1@solani.org> <xa0abyccj4v.dlg@v.nguard.lh> <tvf9qt$2eain$1@solani.org> <jubm1iha8cjr9r9qjmdq3bpvq8s1jt10bp@4ax.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Wed, 22 Mar 2023 19:08:33 -0000 (UTC)
Injection-Info: solani.org;
logging-data="2572834"; mail-complaints-to="abuse@news.solani.org"
User-Agent: Unison/2.1.10
Cancel-Lock: sha1:wavEhk+oQt5ps66Uk3F0saeqLFk=
X-User-ID: eJwNwgERwDAIA0BLoyQB5BTW+pew3T9dpgmIAu9v07Nf1ZkmESpChZzQBpD9+MkbRD1V5EwsHWtbYXuc9QEvaRQ7
 by: mike - Wed, 22 Mar 2023 19:08 UTC

On 22-03-2023 22:21 Ken Blake <Ken@invalid.news.com> wrote:

>>You may be the only person on Windows who has only one browser installed.
>
> I think the great majority of Windows users have only one browser
> installed--the one that comes with Windows (Edge, or IE in older
> versions). Most of them probably don't even know that there are other
> browsers to choose from. My wife, for example, has only Edge
> installed, and I know many other such people.

Well, that might be true, now that you mentioned it, for all the mom and
pop PC owners out there who maybe don't know any better.

But I feel sorry for anyone who only has Edge as their browser.
Don't you?

> If you don't count Edge, which I only use when Firefox doesn't work on
> a particular web page, I have only Firefox installed.

Obviously the next most used browser is probably Chrome.
> Thinking of all my friends and relatives who use Windows, as far as I
> know, they all have only Edge installed. I know that there are those
> on these newsgroups with more than one, but having more than one never
> makes sense to me. I pick the one I like best and that's what I use
> all the time (almost all the time). I don't want any others.

What about proxy and/or tor browsers?
You never need privacy and/or anonymity?

Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes

<el48qzqzmb9r.dlg@v.nguard.lh>

 copy mid

https://www.novabbs.com/devel/article-flat.php?id=363&group=alt.msdos.batch#363

 copy link   Newsgroups: alt.comp.os.windows-10 alt.msdos.batch
Path: i2pn2.org!i2pn.org!usenet.goja.nl.eu.org!2.eu.feeder.erje.net!feeder.erje.net!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: V...@nguard.LH (VanguardLH)
Newsgroups: alt.comp.os.windows-10,alt.msdos.batch
Subject: Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes
Date: Thu, 23 Mar 2023 00:08:12 -0500
Lines: 254
Message-ID: <el48qzqzmb9r.dlg@v.nguard.lh>
References: <tv9pdf$2bdv7$1@solani.org> <1f6numnfmrda8$.dlg@v.nguard.lh> <tvdu41$2divu$1@solani.org> <xa0abyccj4v.dlg@v.nguard.lh> <tvf9qt$2eain$1@solani.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Trace: individual.net 6Gn9VkBE8rMY+qYrdbeJfA60hpmRdxSlG79kIAfXwxKqDxakjn
Cancel-Lock: sha1:eHO/oGLzhMyrprbji3/SU0Qd5yM=
User-Agent: 40tude_Dialog/2.0.15.41
 by: VanguardLH - Thu, 23 Mar 2023 05:08 UTC

mike <this@address.is.invalid> wrote:

> <V@nguard.LH> wrote:
>
>> Unless a developer testing their web site or web app on multiple web
>> browsers to ensure compatibility with all, what's the point of using
>> multiple web browsers? Do you really bounce between web browsers on
>> your own personal hosts? Firefox is my primary web browser.
>> Edge-Chromium is a backup. It is very rare that I am forced away from
>> using my primary web browser.
>> Regardless of how you might use a multitude of web browsers, how much
>> have you helped others with problems on their computers? If you had,
>> you would realize the norm is for users to focus on one web browser.
>>
>> But, in the case of actually and actively employing multiple web
>> browsers, and doing so repeatedly, yes, there is an advantage of
>> deploying a solution that is globally effected on all web browser,
>> including all of those you never get around to using yourself as a
>> solution to everyone else using different web browsers than your
>> choices.
>
> You may be the only person on Windows who has only one browser
> installed.

You're making up what I said. I said, again, that Firefox is my
primary, and Edge-Chromium is my backup. I had Chrome as the backup,
but since Microsoft moved to Blink for the rendering engine and V8 for
the Javascript interpreter, both from Chromium, and because
Edge-Chromium gives me more options than Chrome, there was no point in
keeping Chrome installed.

As a matter of fact, most users do NOT install an addition web browser.
They use what was bundled in the OS. For Windows, that's Edge (now
Edge-Chromium). For Android, that's Chrome. For Apple stuff, it's
Safari. So, for the vast majority of users, they do only have a single
web browser on their computing platform. It's the only one they need to
configure - but most don't tweak anything of the web browser. They
don't need the global solution you seek across multiple web browsers,
because they only have one. But then your inquiry isn't addressed to
the vast majority of users since they don't visit here. The audience
here is different, so, yes, they may have more than one web browser. I
have 2 of them. How many do you have?

That I have 2 web browsers does not mean I'm constantly switching
between them. Nor does having umpteen web browsers means I used anymore
than just one of them. Only one web browser needs to be tweaked how you
like - the one you use all the time. The others should be left in their
install-time state, because they are backups should there be a problem
with your primary web browser, and a backup choice should be plain to
ensure you aren't fucking it up the same way as you did the primary.
This is the same way you create your own Windows account for logging in
for your dailing computing sessions, and leave Administrator alone
except for use only in emergencies.

You are still hiding why you need umpteen web browsers for why you need
a global solution that affects all of them regarding fingerprinting. If
you are a developer then there is a reason to *test* with multiple web
browsers. You have shown no cue that you are a web developer. So, how
many web browsers do you have installed, how many do you use, and why do
you have more than one primary web browser? Why would you be screwing
with your backup/emergency web browsers that you aren't using anyway?

>> The fonts getting divulged for fingerprinting are those installed on
>> your computer. Well, you can randomize which fonts you have, or you
>> could pare down all those extra fonts down to the basic set that
>> Windows, or your choice of OS, comes pre-bundled.
>
> That's not as easy as you seem to think it is. Each program you
> install can add its own fonts.

Yep, you'll have to be the admin of your computer and perform the
maintenance. You want to setup a rotation of font folders (simpler than
trying to modifying the font files in one folder), so you are already
doing the same maintenance. For example, you will need to ensure when
installing programs that you reset the font folder rotation back to the
original \Fonts folder to ensure the program deposites its fonts into
that folder into one of your obscuring rotation font folders.

>> You're denying web sites from falling back to your fonts other than
>> some standard set that everyone has and supposedly would reduce your
>> fingerprint (but do users really only have a basic set of fonts that
>> never change?). What happens to all your other programs installed
>> on your computer?
>
> That comment indicates you don't understand how font fingerprinting
> works. They tabulate ALL the fonts on your computer. Not just what
> you use.

Answer the question rather than evade the subject. You want to rotate
between different sets of fonts (like renaming \Fonts to \Fonts.Original
and some other font folder, like \Fonts2 to \Fonts), but obviously that
DOES affect all your other programs. You're focusing on how to obscure
font fingerprinting *only* in the web browser without regarding the
effect such action does on other programs.

Oh, and as to web fonting, did you configure your web browsers to NOT
allow remote fonts? Those can easily be used for tracking, especially
if the site you visit gets those fonts from a 3rd-party, like Google, or
some other font foundry. The web page you load requests font resources
from elsewhere, so the request for the fonts goes to the font foundry
who redirects the resource elsewhere that can see where you visited for
the request and also your IP address to deliver the font resources to
your client. You want to obscure all your system fonts, but you're
allowing remote font loading which allows easy tracking.

https://github.com/gorhill/uBlock/wiki/Per-site-switches#no-remote-fonts
(That's using uBlock Origin, but there's likely other ways to block web
fonts.)

You doing all this work to hide what Javascript in a web doc can detect
for your font set. Yet you're allowing even easier tracking if you
allowing download of web fonts. Have you yet addressed that method of
tracking? Just be aware that if you disable remote fonts that many web
docs won't be correct. Often the fonts are to use graphical characters
within them, like chevrons, arrows, geometric shapes, and so forth for
the icons on elements in a web doc, like buttons you click on. Without
the remote fonts, you'll get a generic placeholder for the element's
icon, and won't have a clue what the element does. You can guess until
you error enough times to remember what each unidentified element does
for an action being content that you've blocked that tracking method, or
you can allow remote fonts, suffer any tracking, if any, and better
interpret the intent of iconified elements in a web doc.

>> You randomize the font set while you are web browsing. When web
>> browsing, you never ever run any other program? You never open an
>> editor, word processor, spreadsheet, or load ANY other program while you
>> have the web browser loaded? Well, randomizing the font set for the web
>> browser means you are doing the same for every other program you may
>> open at the same time. If concurrently opening multiple programs was
>> not a wanted feature, Windows nor any other OS would have to bother with
>> multi-tasking, running a dispatcher, assigning priority, or all the
>> other functions of a multi-tasking OS. Running a single program that is
>> always foregrounded with no opportunity to load any other program is not
>> how users use Windows, Linux, or any other OS. To do so would mean
>> having to cripple the OS back to single-process operation, like DOS.
>>
>> Your solution impacts more than just the web browser.
>
> Run this program please. <https://amiunique.org/fp> and save the results
> to text, and paste your results into the reply like I did and we can solve
> the fingerprinting issues together using real world data of our own.

Do you even read the replies to your thread? Look at my very first
reply. I already reported the effects of various methods of obscuring
fonts at EFF, amiunique, and browserleaks.

> The way you normally approach fingerprinting usually is you start with the
> worst entropy and when you fix that, you move down to the next worst
> entropy, and so on, until you're no longer unique or nearly unique.

You do realize that the stats reported at those sites are based solely
on their database of visitors. That you are unique within 200K other
visitors doesn't really represent your uniqueness across all web
browsing users visiting all web site. Theirs is just a small database.
It's a sample, and one that is biased due to the intent of the visitors
to their test sites.

> In the best case, you want to blend in with the crowd.

And why I said you need to figure out which is the base font set for a
new Windows installation. However, that would represent a sample of
users that install Windows, and install nothing thereafter. There are
some users like that, but doesn't seem the norm for most users. Windows
is a general-purpose OS, so the intent is more programs will get
installed. Those that have only the base font set are not the crowd you
want to hide within. My guess is that isn't the dominate crowd. I've
yet to find anyone gathering statistics on fonts to determine what the
average user has for a fonts set to let you hide in the biggest crowd.


Click here to read the complete article
Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes

<tvhpkj$2ch2l$1@solani.org>

 copy mid

https://www.novabbs.com/devel/article-flat.php?id=364&group=alt.msdos.batch#364

 copy link   Newsgroups: alt.comp.os.windows-10 alt.msdos.batch
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!reader5.news.weretis.net!news.solani.org!.POSTED!not-for-mail
From: thi...@address.is.invalid (mike)
Newsgroups: alt.comp.os.windows-10,alt.msdos.batch
Subject: Re: Random changing of C: Windows Fonts script for anti-fingerprinting purposes
Date: Thu, 23 Mar 2023 20:31:54 +0530
Message-ID: <tvhpkj$2ch2l$1@solani.org>
References: <tv9pdf$2bdv7$1@solani.org> <1f6numnfmrda8$.dlg@v.nguard.lh> <tvdu41$2divu$1@solani.org> <xa0abyccj4v.dlg@v.nguard.lh> <tvf9qt$2eain$1@solani.org> <el48qzqzmb9r.dlg@v.nguard.lh>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Thu, 23 Mar 2023 15:01:40 -0000 (UTC)
Injection-Info: solani.org;
logging-data="2507861"; mail-complaints-to="abuse@news.solani.org"
User-Agent: Unison/2.1.10
Cancel-Lock: sha1:XV96OSkdgxVeXWlGg6j8m3Lij0g=
X-User-ID: eJwNyMEBwCAIA8CVREnEcRDM/iO09zwsGms7QYcgR8bpeahbkZXR6rZz60m++BwrMRpprmH0njGNsH/FufUBdfcVxg==
 by: mike - Thu, 23 Mar 2023 15:01 UTC

On 22-03-2023 23:08 VanguardLH <V@nguard.LH> wrote:

>> You may be the only person on Windows who has only one browser
>> installed.
>
> You're making up what I said. I said, again, that Firefox is my
> primary, and Edge-Chromium is my backup. I had Chrome as the backup,
> but since Microsoft moved to Blink for the rendering engine and V8 for
> the Javascript interpreter, both from Chromium, and because
> Edge-Chromium gives me more options than Chrome, there was no point in
> keeping Chrome installed.

We disagree on how to approach a problem where you want to approach is
browser by browser by browser by browser by browser, and I don't.

The randomizing of fonts approach works instantly for all browsers.
And it doesn't require any in-depth knowledge of the browser peculiarities.
> As a matter of fact, most users do NOT install an addition web browser.
> They use what was bundled in the OS. For Windows, that's Edge (now
> Edge-Chromium). For Android, that's Chrome. For Apple stuff, it's
> Safari. So, for the vast majority of users, they do only have a single
> web browser on their computing platform. It's the only one they need to
> configure - but most don't tweak anything of the web browser. They
> don't need the global solution you seek across multiple web browsers,
> because they only have one. But then your inquiry isn't addressed to
> the vast majority of users since they don't visit here. The audience
> here is different, so, yes, they may have more than one web browser. I
> have 2 of them. How many do you have?

I use all the main variants of chromium & mozilla (such as iron, pale moon,
ice dragon, ice weasel, iridium, vivaldi, sea monkey, etc) and then some
privacy focused browsers (such as avast, brave, epic, opera & tor).

The reason is multiple as some do things the others don't but the main
reason is that a fundamental component of fingerprinting is the browser.

> That I have 2 web browsers does not mean I'm constantly switching
> between them. Nor does having umpteen web browsers means I used anymore
> than just one of them. Only one web browser needs to be tweaked how you
> like - the one you use all the time. The others should be left in their
> install-time state, because they are backups should there be a problem
> with your primary web browser, and a backup choice should be plain to
> ensure you aren't fucking it up the same way as you did the primary.
> This is the same way you create your own Windows account for logging in
> for your dailing computing sessions, and leave Administrator alone
> except for use only in emergencies.

Even if you only have one browser, approaching the problem outside the
browser is a better approach in many ways than trying to learn the
unfathomable complexities of an ever changing and easily hacked browser.

> You are still hiding why you need umpteen web browsers for why you need
> a global solution that affects all of them regarding fingerprinting. If
> you are a developer then there is a reason to *test* with multiple web
> browsers. You have shown no cue that you are a web developer. So, how
> many web browsers do you have installed, how many do you use, and why do
> you have more than one primary web browser? Why would you be screwing
> with your backup/emergency web browsers that you aren't using anyway?

Those comments indicate you don't understand how fingerprinting works.
What part am I hiding if the entire concept is fingerprint avoidance?
Are you not aware that the browser itself is a key component of entropy?

>>> The fonts getting divulged for fingerprinting are those installed on
>>> your computer. Well, you can randomize which fonts you have, or you
>>> could pare down all those extra fonts down to the basic set that
>>> Windows, or your choice of OS, comes pre-bundled.
>>
>> That's not as easy as you seem to think it is. Each program you
>> install can add its own fonts.
>
> Yep, you'll have to be the admin of your computer and perform the
> maintenance. You want to setup a rotation of font folders (simpler than
> trying to modifying the font files in one folder), so you are already
> doing the same maintenance. For example, you will need to ensure when
> installing programs that you reset the font folder rotation back to the
> original \Fonts folder to ensure the program deposites its fonts into
> that folder into one of your obscuring rotation font folders.

The maintenance of a background Windows script is COMPLETELY DIFFERENT than
the maintenance of the myriad switches and dials in a half dozen browsers.

Just turning off search in the Firefox address bar should be a simple
switch, right? It is, but it's hidden and you have to know the intricate
complexities of Firefox just to turn the address bar back into what it's
called. And that could change at any moment. And has, over time.

>>> You're denying web sites from falling back to your fonts other than
>>> some standard set that everyone has and supposedly would reduce your
>>> fingerprint (but do users really only have a basic set of fonts that
>>> never change?). What happens to all your other programs installed
>>> on your computer?
>>
>> That comment indicates you don't understand how font fingerprinting
>> works. They tabulate ALL the fonts on your computer. Not just what
>> you use.
>
> Answer the question rather than evade the subject. You want to rotate
> between different sets of fonts (like renaming \Fonts to \Fonts.Original
> and some other font folder, like \Fonts2 to \Fonts), but obviously that
> DOES affect all your other programs. You're focusing on how to obscure
> font fingerprinting *only* in the web browser without regarding the
> effect such action does on other programs.

There is no effect on other programs.

Somehow you're seeing UFOs when they don't exist.
> Oh, and as to web fonting, did you configure your web browsers to NOT
> allow remote fonts? Those can easily be used for tracking, especially
> if the site you visit gets those fonts from a 3rd-party, like Google, or
> some other font foundry. The web page you load requests font resources
> from elsewhere, so the request for the fonts goes to the font foundry
> who redirects the resource elsewhere that can see where you visited for
> the request and also your IP address to deliver the font resources to
> your client. You want to obscure all your system fonts, but you're
> allowing remote font loading which allows easy tracking.
>
> https://github.com/gorhill/uBlock/wiki/Per-site-switches#no-remote-fonts
> (That's using uBlock Origin, but there's likely other ways to block web
> fonts.)

I don't use any addons or plugins for the same reason that I use a Windows
based holistic approach to fingerprinting - always outside the browser.

> You doing all this work to hide what Javascript in a web doc can detect
> for your font set. Yet you're allowing even easier tracking if you
> allowing download of web fonts. Have you yet addressed that method of
> tracking? Just be aware that if you disable remote fonts that many web
> docs won't be correct. Often the fonts are to use graphical characters
> within them, like chevrons, arrows, geometric shapes, and so forth for
> the icons on elements in a web doc, like buttons you click on. Without
> the remote fonts, you'll get a generic placeholder for the element's
> icon, and won't have a clue what the element does. You can guess until
> you error enough times to remember what each unidentified element does
> for an action being content that you've blocked that tracking method, or
> you can allow remote fonts, suffer any tracking, if any, and better
> interpret the intent of iconified elements in a web doc.

When I set up a browser, I set it up to turn off EVERYTHING I don't need.
That's almost everything, but I will admit some things I don't understand.

Things like turning off autofills and remembering previous pages are easy
to turn off, as are questions about using the camera and mic or displaying
anything but images but some browser setting switches I don't understand.

I don't understand DRM questions, for example - so I turn them off.
If you can explain why they ask those DRM questions, please do.

Same with "Query OCSP responders" questions which I don't understand.
So I turn them off.

I know enough NOT to block malicious content because that alone has to send
the content to a server, which is an invasion of privacy from the get go.

And of course, the data collection of Firefox is legendary, all of which I
turn off on sight but I leave on spellchecking (because I need it).

I don't even know what they're asking when they ask for a yes or no on
"Continue running background apps when browser is closed" either.


Click here to read the complete article
1
server_pubkey.txt

rocksolid light 0.9.7
clearnet tor